We'd love to hear about it! Click here to go to the product suggestion community
I have an issue with my sophos XG firewall.
when i generate any report i found that there is a big traffic related to Category named "infrastructure" and once i open it i found Application/proto:port named "Secure Socket Layer Protocol"
I need to monitor this traffic to know which application make this traffic and close or remove it if it is harm application.
My configuration is below:
- Sophose firmware: SFOS 17.5.8 MR-8
- i have one rule that allow all http and https only
- web policy configured to allow all.
- application policy configured to allow all.
- checked "Scan HTTP" , checked "Decrypt & scan HTTPS" , checked "Block Google QUIC"
- the cert "Default" and "SecurityAppliance_SSL_CA.pem" installed on the PCs in the trusted root section.
thanks in advance.
Wrong forum. Try posting your question here https://community.sophos.com/products/xg-firewall/f